Diffie-Hellman Man-in-the-middle attack

17 January 2016

Learn how to carry a Man-in-the-middle attack against the Diffie-Hellman key exhange with a Python script.

Introduction

The Diffie-Hellman protocol is a method for two users to generate a shared private secret with which they can then exchange information across a public channel. This protocol is mostly used to secure a variety of network services.

A Diffie-Hellman key exchange by itself does not provide authentication of the communicating parties and is thus vulnerable to a man-in-the-middle attack.An attacker may establish two distinct key exchanges between the two parties, allowing it to decrypt, then re-encrypt the messages transmitted between them.

The Diffie-Hellman key exchange

Alice and Bob want to exchange information across an insecure channel.The Python code below is a simple implementation of the Diffie-Hellman protocol.